Stream: t-lang/wg-unsafe-code-guidelines

Topic: LinkedList vs Stacked Borrows


RalfJ (Apr 18 2019 at 10:02, on Zulip):

I found a stacked borrows violation in LinkedList: https://github.com/rust-lang/rust/pull/60072
Is that good news because it's one bug less or bad news because not even libstd can get the aliasing right? I don't know.^^

RalfJ (Apr 18 2019 at 10:03, on Zulip):

or maybe this is a data point for "mutable reference should only become unique once written to the first time"? That would however severely reduce the amount of optimizations we can do.

RalfJ (Apr 18 2019 at 13:27, on Zulip):

here's another Stacked Borrows violation that's also about a mutable reference that got created but never used: https://github.com/SimonSapin/rust-typed-arena/issues/26

RalfJ (Apr 18 2019 at 13:29, on Zulip):

This mutable reference does however get passed to a function, namely as_mut_ptr. So even if we wanted to say that only writes and passing-to-a-function actually make an &mut unique (which could save some optimizations), there'd still be a bug here.

JP Sugarbroad (Apr 25 2019 at 17:12, on Zulip):

I'm new here, but it seems like these cases are all "dead code/ability" cases, i.e. requesting a feature or doing a thing that is then never used, right?

JP Sugarbroad (Apr 25 2019 at 17:12, on Zulip):

Perhaps we can remove those before doing optimizations?

RalfJ (Apr 25 2019 at 17:14, on Zulip):

well the reference does get used, but only for some fields of the struct

RalfJ (Apr 25 2019 at 17:14, on Zulip):

so you cannot really remove the reference entirely

JP Sugarbroad (Apr 25 2019 at 17:16, on Zulip):

Right, but aren't you just downgrading them in the fix?

JP Sugarbroad (Apr 25 2019 at 17:16, on Zulip):

I guess I'm not clear on exactly what's wrong, sorry.

RalfJ (Apr 26 2019 at 08:33, on Zulip):

I'm replacing references by raw pointers

JP Sugarbroad (Apr 30 2019 at 20:59, on Zulip):

Ah, ok, taking advantage of the fact that raw pointers don't constrain things as much as a reference does. But nevertheless, you mentioned "mutable reference that got created but never used" -- can that be detected and removed before analysis?

RalfJ (May 01 2019 at 09:42, on Zulip):

I responded to that above:

well the reference does get used, but only for some fields of the struct
so you cannot really remove the reference entirely

RalfJ (May 01 2019 at 09:42, on Zulip):

also, when defining a semantics and e.g. implementing it in Miri, it's really hard to say "oh and if this value we just created never gets looked at, then these side-effects also don't happen"

RalfJ (May 01 2019 at 09:43, on Zulip):

I wouldn't know how to define that without getting into contradictions. Miri would have to predict the future or something?

RalfJ (May 01 2019 at 09:43, on Zulip):

You could do a source-to-source translation before defining the semantics, but that would be a very weird mix of static and dynamic approaches for the semantics. Probably possible, but very hard to analyze and reason about, which would also be a problem.

Last update: Nov 20 2019 at 13:15UTC